Tech moves fast! Stay ahead of the curve with Techopedia!
Join nearly 200,000 subscribers who receive actionable tech insights from Techopedia.
The system log (syslog) contains a record of the operating system (OS) events that indicates how the system processes and drivers were loaded. The syslog shows informational, error and warning events related to the computer OS. By reviewing the data contained in the log, an administrator or user troubleshooting the system can identify the cause of a problem or whether the system processes are loading successfully.
The OS maintains a log of events that helps in monitoring, administering and troubleshooting the system in addition to helping users get information about important processes. Some of the events include system errors, warnings, startup messages, system changes, abnormal shutdowns, etc. This list is applicable to most versions of the three common OSs (Windows, Linux and Mac OS).
The events recorded are the significant occurrences in the OS that require notifying the user. The log contains information about the software, hardware, system processes and system components. It also indicates whether the processes loaded successfully or not. The information can then be used to diagnose the sources of computer problems, whereas the warnings can be used to predict potential system issues and problems.
The syslog has standard components that may vary depending on the OS. However, there are common components and information that are captured regardless of the OS.
All entries are classified by type such as error, information, warning, success audit and failure audit for Windows systems, and emergency, alert, critical, error, warning, notice, info and debug for Mac OS and Linux systems.
Each syslog entry contains a header information and a description of the events. The latter includes the date and time the events occurred, the username logged on and the computer name at the time of the event. It also contains the event ID number that is used to identify the event and the source of the event such as the name of the system component.
The syslog is easily viewed using built-in utilities such as the Event Viewer in Windows. In addition to viewing, the Event Viewer is also used to manage the file size, save or archive the log file, clear old events and set overwrite options. Other options include finding or filtering events and restoring the log to default settings.